Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[draft] Handover Protocol #198

Draft
wants to merge 49 commits into
base: rocknroll
Choose a base branch
from
Draft

[draft] Handover Protocol #198

wants to merge 49 commits into from

Conversation

cygnusv
Copy link
Member

@cygnusv cygnusv commented Feb 18, 2025

Type of PR:

  • Bugfix
  • Feature
  • Documentation
  • Refactor
  • Other

Required reviews:

How many reviews does the PR author need?

  • 1
  • 2
  • 3

What this does:

High-level idea of the changes introduced in this PR.
List relevant API changes (if any), as well as related PRs and issues.

Issues fixed/closed:

  • Fixes #...

Why it's needed:

Explain how this PR fits in the greater context of the NuCypher Network.
E.g., if this PR address a nucypher/productdev issue, let reviewers know!

Notes for reviewers:

What should reviewers focus on?
Is there a particular commit/function/section of your PR that requires more attention from reviewers?

cygnusv and others added 30 commits February 14, 2025 11:06
@cygnusv @piotr-roslaniec
Jammin' with Piotr: draft of share update helpers with verifiability
574d0ba 
Co-authored-by: Piotr Roslaniec <[email protected]>
@cygnusv
Distinction between ShareCommitments and TDec PublicKeys
0cfa02e
@cygnusv
Clarifying some refresh tests
1020d00
@cygnusv
Yay! Tests work when blinding is deactivated, so the problem is unbli…
ba6cd93 
…nding

Or more correctly, the problem must be we're not unblinding shares in tests. This makes sense because the new verifiability features for updates were designed to work on top of blinded shares, and these tests were written for the previous share update code
@cygnusv
Some tests fixed: share updating should be done on top of blinded shares
ec9e368 
As suspected 2 commits ago
@cygnusv
ShareUpdate verification method
bf94aba
@cygnusv
Clarification
86469bc
@cygnusv
Verify share update in first tests
e7704db
@cygnusv
UpdateTranscript struct to encapsulate updates and poly commitments
cac942a
@cygnusv
Move methods to create updates from ShareUpdate to UpdateTranscript
40df9ae
@cygnusv
Use UpdateTranscripts instead of ShareUpdate
b63c927
@cygnusv
First version of UpdateTranscript validation
50b2259 
For the moment, just validating share update commitments
@cygnusv
UpdateTranscript validation: add consistency checks with update poly
c83e2d9
@cygnusv
cargo-fix'n stuff
418b204
@cygnusv
UpdateTranscript validation: poly commitments fit the update type
60268c3 
* For refresh: C_0 == 1,
* For recovery at root t: sum(r * C_i) == 1
@cygnusv
Comments
3bf9014
@cygnusv
Code quality
956032f
@cygnusv
Preparing refactor
dae4d4e
@cygnusv
preparing refactor 2
bf44976
@cygnusv
preparing for refactor 3
7a08698
@cygnusv
Introduce UpdatableBlindedKeyShare as part of refresh API
f7d04bc 
Get rid of PrivateKeyShare and UpdatedPrivateKeyShare at the refresh level. Instead, we'll continue to deal with BlindedKeyShares, since they're semantically similar to transcripts at the pvss & dkg level
@cygnusv
Use BlindedKeyShare at the PVSS level
13adb7b 
Let the refresh layer deal with private keys
@cygnusv
Don't update private key shares directly at the PVSS level
f83a860
@cygnusv
Basic refresh tests work again!
a620dfd 
Repurposed `PrivateKey.recover_share_from_updated_private_shares` code as the test function `combine_private_shares_at`, since it doesn't make sense to combine private key shares in production code.
@cygnusv
Use UpdateTranscripts as input to update BlindedKeyShares
69b5099
@cygnusv
Method to refresh an AggregateTranscript
9515704
@cygnusv
DKG level method for validators to create refresh transcripts
cd44ebe
@cygnusv
Fix test_dkg_simple_tdec_share_refreshing test!
1990248
@cygnusv
Point out that aggregate coefficients need to be updated too
48a5463
@cygnusv
Recovery tests are broken. Marked as ignored and adjusted to compile
8f37b71
cygnusv added 19 commits February 14, 2025 11:07
@cygnusv
Pass Keypairs as input to unblind BlindedKeyShares
bad0d3b
@cygnusv
Tidy up imports in several places
8a52e07
@cygnusv
PrivateKeys are never blinded directly
b8a4c5c 
This was meant to be a test-only function, but let's remove it to avoid misuse
@cygnusv
Assorted cleanup
b3df880
@cygnusv
Add TODO about using explicit imports (see #194)
cff8dfd
@cygnusv
Explicitly rename DKG PublicKeys to avoid confusion with Validator PKs
dceac71
@cygnusv
Use PublicKeys instead of internal G2 type when possible
8296118
@cygnusv
Generating random DKG public keys should only be a test function
031aad5 
For some reason, it was part of WASM bindings too
@cygnusv
Consider using multipairings
a3f607d 
See issue #192
@cygnusv
Consider encrypt_in_place for AEAD
ee98c24 
See issue #196
@cygnusv
New AggregatedTranscript constructor from an existing aggregate
5c797aa 
Also, no need to compute the public from from the transcripts, since we can just take it from the aggregate
@cygnusv
Add refresh functionality at API level
b6aac7d
@cygnusv
Fix share refresh test at the API level!
096b91c
@cygnusv
Code areas marked for refactor or removal
35eb653 
See #197
@cygnusv
Common test parameters for shares_num and threshold
66bfd37 
Two reasons:
* We don't consider the case for num_validators != shares_num, so all the places that account for this can be refactored (see #197)
* We always need to consider the case when threshold == shares_num because some tests have failed in the past in this situation.
@cygnusv
At the API level, use local type for Refresh Transcripts
664f8ea
@cygnusv
Remove unnecessary code in context.rs
0efb567 
* PublicDecryptionContextFast was unused (we use the simple variant)
* Remove h parameter in the simple one, which has some simplifying downstream effects
@cygnusv
First draft of HandoverTranscript - a.k.a. The Baton
6989cde 
HandoverTranscript, a.k.a. "The Baton", represents the message an incoming node produces to initiate a handover with an outgoing node. After the handover, the incoming node replaces the outgoing node in an existing cohort, securely obtaining a new blinded key share, but under the incoming node's private key.
@cygnusv
Draft for testing handover transcripts
5b242e0
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@cygnusv